Hackers Target OKX Customers in Suspected SIM Swap Attack
Hackers have allegedly targeted OKX, a major cryptocurrency exchange, in a sophisticated SIM swap attack. At least two users reported losing funds after receiving suspicious SMS risk notifications.
Details of the Attack
The attack involved sending SMS risk notifications to OKX customers from Hong Kong. Hackers then created new API keys with withdrawal and trading permissions, enabling them to drain funds from the affected accounts. This was confirmed by SlowMist founder Yu Xian.
OKX’s Chinese branch has acknowledged the incident in a post on X (formerly known as Twitter) dated June 9. The exchange has reached out to the impacted users and is actively investigating the matter. OKX has assured users that if the platform is found responsible, it will take full responsibility and compensate the affected users.
The Growing Threat of SIM Swapping
SIM swapping is not a new threat. In 2021, Coinbase experienced a similar attack where hackers bypassed multi-factor authentication and stole crypto from around 6,000 users. In these attacks, hijackers often port a victim's phone number to a SIM they control, intercept the one-time passwords sent to it, and use them to validate transactions or change account credentials.
In response to the growing threat, many major crypto companies have shifted away from SMS-based two-factor authentication. However, some still rely on this method, leaving them vulnerable to SIM swap attacks.
The full extent of the OKX attack remains unclear, and investigations are ongoing. This incident highlights the importance of robust security measures and the potential risks of relying on SMS-based authentication methods. As the investigation unfolds, affected users and the broader crypto community await further updates and resolutions from OKX.